Introduction

Updating PowerShell to the latest version across multiple systems can enhance security, improve performance, and unlock new features. However, if you have existing scripts that rely on older versions, updating PowerShell could inadvertently break functionality. In this guide, we will walk you through updating PowerShell using Group Policy while ensuring that your existing scripts remain unaffected. This step-by-step approach allows for a side-by-side installation, preserving the compatibility of older scripts while leveraging the benefits of newer PowerShell versions.

1. Understanding the PowerShell Update Strategy

By default, Windows systems come with Windows PowerShell 5.1 pre-installed. Installing PowerShell 7.x does not overwrite the older version; instead, it installs a new executable called pwsh.exe. This allows you to have both versions running side-by-side. The key is to update systems in a way that does not disrupt scripts that depend on the older version.

A. Key Differences Between PowerShell 5.1 and PowerShell 7.x

  • powershell.exe refers specifically to the older Windows PowerShell 5.1.
  • pwsh.exe refers to the newer PowerShell 7.x, which is cross-platform (Windows, Linux, macOS).
  • PowerShell 7.x offers enhanced performance, more features, and updated modules.

2. Most Windows Machines Are Still Using Windows PowerShell 5.1 by Default

It’s important to note that even on modern operating systems like Windows 10 and Windows 11, Windows PowerShell 5.1 is the default version that comes pre-installed. This means that if you’re using powershell.exe in your scheduled tasks, scripts, or automation, you are actually invoking the older PowerShell 5.1 environment.

To utilize the features of the newer PowerShell 7.x, you need to explicitly use pwsh.exe, which is not pre-installed. You can download and install PowerShell 7.x manually from the official GitHub releases page or via the Microsoft Store.

Checking Which PowerShell Versions Are Installed


# Check if PowerShell 7.x is installed
Get-Command -Name pwsh -ErrorAction SilentlyContinue

# Check the version of Windows PowerShell (5.1)
$PSVersionTable.PSVersion

If pwsh is not found, then PowerShell 7.x is not installed on your system.

3. Preparing the PowerShell Update Files

The first step is to download the latest PowerShell installer from the official GitHub repository. This MSI installer can be deployed using Group Policy.

A. Downloading the Installer

Visit the PowerShell GitHub releases page and download the latest version:

Example: Download the MSI installer for PowerShell 7.4.6:


https://github.com/PowerShell/PowerShell/releases/download/v7.4.6/PowerShell-7.4.6-win-x64.msi

Save the file to a shared network location accessible to all target computers.

4. Setting Up Group Policy for Deployment

Now that you have the PowerShell installer, the next step is to create a Group Policy Object (GPO) to deploy it across your network.

A. Creating the GPO

  1. Open the Group Policy Management Console (GPMC).
  2. Right-click the target Organizational Unit (OU) and select Create a GPO in this domain, and Link it here….
  3. Name the GPO (e.g., Deploy PowerShell 7).
  4. Right-click the new GPO and click Edit.

B. Configuring Software Installation

  1. Navigate to Computer Configuration > Policies > Software Settings > Software Installation.
  2. Right-click and select New > Package.
  3. Enter the UNC path to the MSI file (e.g., \\YourServer\SharedFolder\PowerShell-7.4.6-win-x64.msi).
  4. Select Assigned and click OK.

5. Running the Correct Version of PowerShell in Scheduled Tasks

If you’ve been using powershell.exe in your Task Scheduler or automation scripts, you’re inadvertently running them with Windows PowerShell 5.1. To take advantage of PowerShell 7.x, you’ll need to update your scheduled tasks to use pwsh.exe instead.

Updating Scheduled Tasks


# Example of using pwsh.exe in Task Scheduler
C:\Program Files\PowerShell\7\pwsh.exe -File "C:\Scripts\YourScript.ps1"

This change ensures that your scripts are executed with the newer PowerShell 7.x environment.

6. Using PowerShell to Check Installed Versions


Get-Command -Name pwsh, powershell -All

This command lists the paths of all installed PowerShell versions, helping you verify that both versions are correctly installed.

Conclusion

Updating PowerShell using Group Policy can streamline the process of deploying the latest version across your organization. By installing the new version side-by-side with the existing one, you can take advantage of the latest features while ensuring compatibility with your current scripts. Ensure that your automation, scheduled tasks, and scripts are explicitly updated to use pwsh.exe where needed to avoid inconsistencies.

References